Hacker News
by varenc 1689 days ago
Would this stop the NSA? No way. But assuming this component is critical for Face ID security, then yes I do think it would slow down the NSA. And it's probably moot since well-funded state actors have access to RCE 0-days anyway.

But raising the cost of an attack might put it out of reach for lower-level actors. For example, there's a small industry of stalkerware [0] out there where the attacker is someone close to the victim. Like with a couple going through a divorce. This measure might make it infeasible for a stalker to compromise a victim's phone by replacing the Face ID chip with a hacked one.

Is security the only reason Apple's doing this? Not a chance. But I also don't think this is 100% useless security theatre. The better way to combat this is to fight against the false dichotomy Apple presents. They act like there's no middle ground between security and user control.

Rather than say all these security measures are useless, we can acknowledge that they have some value but present an alternative solution. I'm sure there are many options but here's a simple one: Don't put the secure Face ID chip on the replaceable screen! Put it somewhere else in the phone next to all the other secure hardware chips.

[0]: https://www.nytimes.com/2021/09/29/technology/personaltech/s...